package com.ryh.controller;

import com.ryh.constant.PermissionEnum;
import com.ryh.entity.User;
import com.ryh.constant.RoleEnum;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

/**
 * @ClassName UserController
 * @Description 用户Controller
 * @Author RaoYH
 */
@Controller
@RequestMapping(value = "/userController")
public class UserController {

    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login(Model model, User user)  {
        //获取主体
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUserName(), user.getPassword());
        try {
            subject.login(token);
        } catch (LockedAccountException e) {
            e.printStackTrace();
            model.addAttribute("message", "锁定的帐号" + e.getMessage());
            return "error";
        } catch (DisabledAccountException e) {
            e.printStackTrace();
            model.addAttribute("message", "禁用的帐号" + e.getMessage());
            return "error";
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            model.addAttribute("message", "错误的帐号" + e.getMessage());
            return "error";
        } catch (ExcessiveAttemptsException e) {
            e.printStackTrace();
            model.addAttribute("message", "登录失败次数过多" + e.getMessage());
            return "error";
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            model.addAttribute("message", "错误的凭证" + e.getMessage());
            return "error";
        } catch (ExpiredCredentialsException e) {
            e.printStackTrace();
            model.addAttribute("message", "过期的凭证" + e.getMessage());
            return "error";
        } catch (AuthenticationException e) {
            e.printStackTrace();
            model.addAttribute("message", e.getMessage());
            return "error";
        }
        if (subject.hasRole(RoleEnum.ADMIN.getRole())){
            model.addAttribute("message", "尊敬的"+ RoleEnum.ADMIN.getRole()+"您好");
        }else if ((subject.hasRole(RoleEnum.USER.getRole()))){
            model.addAttribute("message", "尊敬的"+ RoleEnum.USER.getRole()+"您好");
        }
        subject.checkPermission(PermissionEnum.SELECT.getPrmission());

        model.addAttribute("user", user);
        return "index";
    }

    /**
     *  RequiresRoles("user")注解表示当前主体必须具备user角色
     *  才可以访问该链接执行该方法
     * @param model
     * @return
     */
    @RequiresRoles("user")
    @RequestMapping(value = "/testRoleUser", method = RequestMethod.GET)
    public String testRoleUser(Model model) {
        model.addAttribute("message", "尊敬的"+ RoleEnum.USER.getRole()+"您好");
        return "index";
    }

    /**
     *  RequiresRoles("admin")注解表示当前主体必须具备admin角色
     *  才可以访问该链接执行该方法
     * @param model
     * @return
     */
    @RequiresRoles("admin")
    @RequestMapping(value = "/testRoleAdmin", method = RequestMethod.GET)
    public String testRoleAdmin(Model model) {
        model.addAttribute("message", "尊敬的"+ RoleEnum.USER.getRole()+"您好");
        return "index";
    }

    /**
     * RequiresPermissions("select")注解表示当前主体必须具备select权限
     * 才可以访问该链接执行该方法
     * @param model
     * @return
     */
    @RequiresPermissions("select")
    @RequestMapping(value = "/testPermission", method = RequestMethod.GET)
    public String testPermissionSelect(Model model) {
        model.addAttribute("message", "尊敬的"+ RoleEnum.USER.getRole()+"您好");
        return "index";
    }

    /**
     * RequiresPermissions("delete")注解表示当前主体必须具备delete权限
     * 才可以访问该链接执行该方法
     * @param model
     * @return
     */
    @RequiresPermissions("delete")
    @RequestMapping(value = "/testPermissionDelete", method = RequestMethod.GET)
    public String testPermissionDelete(Model model) {
        model.addAttribute("message", "尊敬的"+ RoleEnum.USER.getRole()+"您好");
        return "index";
    }

    @RequestMapping(value = "/testPermissionInsert", method = RequestMethod.GET)
    public String testPermissionInsert(Model model) {
        Subject subject = SecurityUtils.getSubject();
        subject.checkPermission(PermissionEnum.INSERT.getPrmission());
        model.addAttribute("message", "拥有"+ PermissionEnum.INSERT.getPrmission()+"权限");
        return "index";
    }

    @RequestMapping(value = "/testPermissionUpdate", method = RequestMethod.GET)
    public String testPermissionUpdate(Model model) {
        Subject subject = SecurityUtils.getSubject();
        subject.checkPermission(PermissionEnum.INSERT.getPrmission());
        model.addAttribute("message", "拥有"+ PermissionEnum.INSERT.getPrmission()+"权限");
        return "index";
    }
}
